Ransomware: how to defend?

Discussion in 'IT & Internet' started by Spreadsheet Accountant, Jun 26, 2021.

  atmosbob

    atmosbob Contributor

    I have followed this for years. I used to pay £450 per annum for a "cleaned up" system to stop all junk. I employed women and didn't want them to have to delete obscene emails every morning. This was then taken over by supplier. Haven't had an unwanted email in years.

    We follow Chris's system of having the accounts separate from the email machines. To link between the two we used a "Trainer" network. *

    *You put on a pair of trainers and carry a data disk to the other machine. Only ever go one way.
    Posted: Jun 27, 2021 By: atmosbob
  Spreadsheet Accountant

    Spreadsheet Accountant Full Member

    Everyone gets hacked.
    Like I have said already, not willing to follow your suggestion.
    Bet you don't sit down with your accountant when you should.
    No one "knows about ransomware", that's most of the problem.
    And again like I have said, I have found a solution that is a pleasant surprise.
    Following your advice no one would use this forum because there are professionals in everything.
    People come here for help to avoid those costs, not to be lectured.

    Posted: Jun 27, 2021 By: Spreadsheet Accountant
  Spreadsheet Accountant

    Spreadsheet Accountant Full Member

    Sure, good strategy, but not for me.
    We used to call that "sneakernet".

    Posted: Jun 27, 2021 By: Spreadsheet Accountant
  gpietersz

    gpietersz Full Member

    Backups are critical. No system security is failsafe and they let you recover from other failures too.

    Prevention is particularly specific to ransomware. You need to stop malware in general.

    My own first line of defence is using Linux. It's safer to start with and makes a lot of other things (like ensuring everything is updated) easier. I am sure any OpenBSD or Qubes users will tell me their OSes are a lot better....

    What you can do (regardless of the system):
    1. Keep everything updated. Not just your anti-virus, but all your software. Yes, there are unfixed vulnerabilities in a lot of software, but running software with known vulnerabilities is asking for trouble.
    2. Incremental backups. Preferably pull backups. So if a file is silently corrupted you can go back and get an older copy of just that file. I also suggest using more than one backup mechanism.
    3. Intrusion detection. A pain to set up, but will give you an early warning of files being altered by malware. Deals with the issue of not knowing until it's too late that @fisicx brought up.
    4. Training and awareness. As people have said, most of it happens through phishing and social engineering. The problems are that most people start off with a poor understanding of technology (as someone said in another thread, it's voodoo) so they are easy to fool, and even those who are well informed only need to make one mistake.
    5. Secure web browsers. I use a whole bunch of security and privacy extensions. Some (like Noscript) are inconvenient, but inconvenience is usually the price of security. In an age when every website you visit runs software inside your web browser, it's the only way to follow the old advice not to run software from untrusted sources.
    6. Have unnecessary features (externally loaded images, for example) turned off by default in emails.
    7. Physically isolate critical systems as the sneakernet fans do. It's even more inconvenient, but it's very effective.
    Posted: Jun 27, 2021 By: gpietersz
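
A minimal sketch of the file-integrity check that point 3 of the post above describes, added here as an example; it is not part of the thread or any poster's setup. The function names and the 20% alert threshold are assumptions, and the sample files are constructed in a temporary directory.

```python
import hashlib
import tempfile
from pathlib import Path

ALERT_RATIO = 0.2  # assumed threshold: alert if 20% of baseline files change or vanish


def snapshot(root):
    """Return {relative path: SHA-256 hex digest} for every regular file under root."""
    root = Path(root)
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and not path.is_symlink():
            digests[str(path.relative_to(root))] = hashlib.sha256(path.read_bytes()).hexdigest()
    return digests


def compare(baseline, current):
    """Diff two snapshots and flag mass modification as an early warning."""
    changed = sorted(p for p in baseline if p in current and baseline[p] != current[p])
    removed = sorted(p for p in baseline if p not in current)
    added = sorted(p for p in current if p not in baseline)
    touched = len(changed) + len(removed)
    alert = bool(baseline) and touched / len(baseline) >= ALERT_RATIO
    return {"changed": changed, "removed": removed, "added": added, "alert": alert}


def demo():
    """Constructed sample data: ten small files, then three are altered or replaced."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for i in range(10):
            (root / f"ledger_{i}.csv").write_text(f"invoice,{i},100.00\n")
        baseline = snapshot(root)  # in practice, keep this off the monitored machine
        (root / "ledger_0.csv").write_bytes(b"\x00\x01 unreadable")
        (root / "ledger_1.csv").write_bytes(b"\x02\x03 unreadable")
        (root / "ledger_2.csv").rename(root / "ledger_2.csv.locked")
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

The baseline is only trustworthy if it is stored where the monitored machine cannot overwrite it, which is the same reason the post prefers pull backups.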
  Mr D

    Mr D Contributor

    Personally I've never sat down with my accountant. No need, we have email and phone, sitting down with her would not add anything.

    Pretty sure some people are experts on ransomware. Besides the ones creating it for sale.
    However you can find a lot more people who know about ransomware but aren't going to be experts in it.

    Great that you have found a solution. However do you know enough about ransomware to realistically assess it? Or are you using someone else's expertise?
    Posted: Jun 27, 2021 By: Mr D
  Chris Ashdown

    Chris Ashdown Contributor

    Using Cloud services is an obvious risk, just look at Office 365, what a fantastic target for ransomware, or Zoom. Both great tools but high risk in the long run, and then there are plenty of small software which have potential entry into your system. Lots to be said about owning your own version of the software with it all running from your computer rather than SaaS.
    Posted: Jun 27, 2021 By: Chris Ashdown
  Hooble

    Hooble Full Member

    We tend to recommend the three-layer protection -
    Spam Filtering to prevent such attacks from coming in via E-Mail and unwittingly being run by someone.
    Antivirus on Server and Client PCs
    A shadow backup of the shared file service on a network behind the cloud server (Cannot be accessed by the Ransomware).
    Posted: Jun 28, 2021 By: Hooble
  Financial-Modeller

    Financial-Modeller Contributor

    Strange thread.

    Out of curiosity, who were you thanking, OP?
    Posted: Jun 28, 2021 By: Financial-Modeller


    Very strange thread indeed. If I had read this thread before registering, I probably wouldn't have bothered.

    In my personal opinion, one must, within reason, simply do everything you can to protect themselves from IT security threats of all kinds.

    After working in large organisations for years the weakest link by far, in my personal opinion, is education and awareness. And if anyone in my organisation insisted on using an iPhone or Mac because of reasons like "but macs are more secure", I would make their education the top priority.
    Posted: Jul 13, 2021 By: MARMARLADE
  fisicx

    fisicx Moderator
    Verified Business ✔️

    No they don't.

    Some people and organisations under certain conditions will be hacked. Most won't.
    Posted: Jul 13, 2021 By: fisicx